Cisco security GM: Consumerization drives everything

Employees love using their own devices to do corporate work, but the practice, known as consumerization, is rife with security risks. Speaking with New York Times deputy tech editor Quentin Hardy today at Mobilize, Tom Gillis, VP and GM of the Security Technology Business Unit at Cisco, said consumerization is causing a fundamental rearchitecture of how networks look that requires a reimagining of security solutions.

The gist of the problem, by Gillis’s thinking, is that work has become something that we do rather than a place that we go. That means a firewall that simply allows access to data from internal sources while shutting out external sources is fast becoming an antiquated solution because there’s no definite beginning or end to the corporate network. Now, Gillis explained, traffic is coming from everywhere and on a variety of different devices, which means security products need to learn some new tricks.

Among the highest-priority new capabilities might be wrapping corporate data in security protocols that safeguard in dynamic manners beyond what traditional firewalls do. For example, consumerization-inspired security methods will have to recognize who has access to data without necessarily relying on the IP address of a specific physical server. It could just as easily be any number of virtual machines or mobile devices from which employees or applications are legitimately trying to gain access.

But although it’s hard work trying to solve security for consumerization (and, to a lesser degree, virtualization), Gillis thinks it’s critical that security vendors and IT departments try to do so. For one, he said, consumerization is going to happen regardless whether companies allow it. In this regard, it’s similar to how Amazon Web Services instances and VMware virtual machines started popping up all over enterprises without consent from above. The best bet, Gillis said, is to embrace the trend and figure out a way to make it secure. It’s “almost absurd” at this point to be the guy who says no, he added.

And when it’s all said and done, companies will likely have happier employees. Gillis noted that employee satisfaction among his team within Cisco skyrocketed when employees were allowed to use their own Macs instead of the company-issued Windows machines, despite the fact that employees had to pay for and service Macs out of their own pockets.

Gillis thinks virtualization might be the trick to solving security for consumerization, but he sees plenty of work still to be done. Right now, he explained, “there’s a gap … that needs to be filled” between delivering enterprise applications to devices via virtual-desktop-like methods and putting a hypervisor right on the device to separate it into a personal VM and a corporate VM. The former creates problems around display and functionality, especially if you’re talking about putting Windows apps on non-Windows devices, and the latter can be a serious performance hindrance, Gillis said.

Whatever path companies take to solve these problems, though, Gillis said whoever can do it will be in a good position to lead the security market going forward. It’s like a NASCAR race, he analogized, where we’re heading into a blind corner and whoever best maneuvers it will come out ahead.